Gecko [ satitravel.com ]

Linux server1.hosting4iran.com 4.18.0-553.89.1.el8_10.x86_64 #1 SMP Mon Dec 8 03:53:08 EST 2025 x86_64
LiteSpeed
Server IP : 185.208.174.156 & Your IP : 216.73.216.218
Domains : 282 Domain
User : satitravel

Name	Size	Permission	Date
10-base-config.rules	244 B	-rw-r--r--	2025-07-15 09:41
10-no-audit.rules	284 B	-rw-r--r--	2025-07-15 09:41
11-loginuid.rules	93 B	-rw-r--r--	2025-07-15 09:41
12-cont-fail.rules	333 B	-rw-r--r--	2025-07-15 09:41
12-ignore-error.rules	327 B	-rw-r--r--	2025-07-15 09:41
20-dont-audit.rules	516 B	-rw-r--r--	2025-07-15 09:41
21-no32bit.rules	273 B	-rw-r--r--	2025-07-15 09:41
22-ignore-chrony.rules	254 B	-rw-r--r--	2025-07-15 09:41
23-ignore-filesystems.rules	507 B	-rw-r--r--	2025-07-15 09:41
30-nispom.rules	4.83 KB	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-1-create-failed.rules	1.46 KB	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-1-create-success.rules	746 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-2-modify-failed.rules	1.61 KB	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-2-modify-success.rules	826 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-3-access-failed.rules	625 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-3-access-success.rules	399 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-4-delete-failed.rules	562 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-4-delete-success.rules	284 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-5-perm-change-failed.rules	816 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-5-perm-change-success.rules	414 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-6-owner-change-failed.rules	579 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42-6-owner-change-success.rules	295 B	-rw-r--r--	2025-07-15 09:41
30-ospp-v42.rules	5.81 KB	-rw-r--r--	2025-07-15 09:41
30-pci-dss-v31.rules	6.34 KB	-rw-r--r--	2025-07-15 09:41
30-stig.rules	6.78 KB	-rw-r--r--	2025-07-15 09:41
31-privileged.rules	1.42 KB	-rw-r--r--	2025-07-15 09:41
32-power-abuse.rules	213 B	-rw-r--r--	2025-07-15 09:41
40-local.rules	156 B	-rw-r--r--	2025-07-15 09:41
41-containers.rules	439 B	-rw-r--r--	2025-07-15 09:41
42-injection.rules	672 B	-rw-r--r--	2025-07-15 09:41
43-module-load.rules	398 B	-rw-r--r--	2025-07-15 09:41
44-installers.rules	584 B	-rw-r--r--	2025-07-15 09:41
70-einval.rules	326 B	-rw-r--r--	2025-07-15 09:41
71-networking.rules	151 B	-rw-r--r--	2025-07-15 09:41
99-finalize.rules	86 B	-rw-r--r--	2025-07-15 09:41
README-rules	1.39 KB	-rw-r--r--	2025-07-15 09:41

Rename

##- Use of privileged commands (unsuccessful and successful)
## You can run the following commands to generate the rules:
#find /bin -type f -perm -04000 2>/dev/null | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $1 }' > priv.rules
#find /sbin -type f -perm -04000 2>/dev/null | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $1 }' >> priv.rules
#find /usr/bin -type f -perm -04000 2>/dev/null | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $1 }' >> priv.rules
#find /usr/sbin -type f -perm -04000 2>/dev/null | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $1 }' >> priv.rules
#filecap /bin 2>/dev/null | sed '1d' | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $2 }' >> priv.rules
#filecap /sbin 2>/dev/null | sed '1d' | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $2 }' >> priv.rules
#filecap /usr/bin 2>/dev/null | sed '1d' | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $2 }' >> priv.rules
#filecap /usr/sbin 2>/dev/null | sed '1d' | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $2 }' >> priv.rules